Date : Fri, 06 Sep 1985 06:23:24 EDT
From : "Paul R. Grupp" <GRUPP@MIT-MC.ARPA>
Subject: How to defeat a read-only filesystem
From: burton.osbunorth at Xerox.ARPA
Re: How to defeat a read-only filesystem
While I haven't yet looked at your program that sets a hard disk file
system to read-only status, it seems that its function could be defeated
by Trojan Horse programs that do a disk reset prior to doing their
dirty work.
NOT true! This program REMOVES some of the BIOS write code, so unless
the "trojan horse" knew what bios you had and what address it was
running at, could not replace it. The ONLY thing that will restore
your os to R/W is a COLD boot, not even a warm boot as this only
restores the Bdos and CCP.
As the military does, the only true security is physical separation.
True, but with source to your os and some patches you can do almost as well.
My system allows me to trap any given track(s) and A) abort B) allow to
proceed C) devert to log file. Of course this is of no help if it is
a multi-user system and someone else gets in to do the dammage.
Phil Burton
Xerox Corp.
If anyone after reading the DOC and ASM file thinks there are holes
in this program, I would love to hear from you. Most of the replies
I've gotten so far are from people that didn't look at the files and
jumped to conclusions about what this program does. There ARE more
elegant ways of creating protection, but none SO simple and also not
possible to create a generic version that would run on ALL 2.x
systems. This program was created for all those people that don't
have source to their os, or that may not be able to patch it themself
if they did.
-Paul